Php 显示空白字段的服务器端验证,以及将消息从一个页面显示到另一个页面的最佳方式是什么?
我正在学习PHP,我需要了解服务器端错误以及保护数据库的最佳方法。我参考了谷歌,获得了一些有价值的信息,并应用了我的代码。请检查我的代码,并帮助我更多地了解PHP 我有一个带有客户端验证和服务器端验证的注册表 客户端验证没有问题,即使服务器端验证也可以工作,以防有人对浏览器隐藏javascript 我关心的是,我使用用于服务器端验证的会话来显示错误消息 1) 将服务器端错误消息从一个页面显示到另一个页面是否正确?或任何其他显示错误消息的最佳方式 2) 显示服务器端验证时,字段显示为空。在这个问题上有什么帮助吗 3) 我正在使用Php 显示空白字段的服务器端验证,以及将消息从一个页面显示到另一个页面的最佳方式是什么?,php,jquery,html,server-side-validation,Php,Jquery,Html,Server Side Validation,我正在学习PHP,我需要了解服务器端错误以及保护数据库的最佳方法。我参考了谷歌,获得了一些有价值的信息,并应用了我的代码。请检查我的代码,并帮助我更多地了解PHP 我有一个带有客户端验证和服务器端验证的注册表 客户端验证没有问题,即使服务器端验证也可以工作,以防有人对浏览器隐藏javascript 我关心的是,我使用用于服务器端验证的会话来显示错误消息 1) 将服务器端错误消息从一个页面显示到另一个页面是否正确?或任何其他显示错误消息的最佳方式 2) 显示服务器端验证时,字段显示为空。在这个问题
准备好的语句$name=$conn->real_escape_字符串(strip_标签(htmlspecialchars)(stripslashes)(trim($_POST['name']]))这是保护数据的好方法吗
你能帮我解决这个问题吗
Register.php
<?php
session_start();
/*server side checking and error display*/
$name_error="";
$email_error="";
$password_error="" ;
$mobilenumber_error="";
$name_error=isset($_SESSION['name_error'])?$_SESSION['name_error']:'';
$email_error=isset($_SESSION['email_error'])?$_SESSION['email_error']:'';
$password_error=isset($_SESSION['password_error'])?$_SESSION['password_error']:'';
$mobilenumber_error=isset($_SESSION['mobilenumber_error'])?$_SESSION['mobilenumber_error']:'';
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<style type="text/css">
form{width: 400px;margin: auto;}
</style>
</head>
<body>
<form action="process.php?key=register" method="post" name="register" autocomplete="off">
<div class="form-group">
<label for="name">Name</label>
<input type="text" class="form-control" id="name" name="name">
<span class="error"><?php echo $name_error;?></span>
</div>
<div class="form-group">
<label for="email">Enter Email</label>
<input type="email" class="form-control" id="email" name="email" >
<span class="error"><?php echo $email_error;?></span>
</div>
<div class="form-group">
<label for="pwd">Password</label>
<input type="password" class="form-control" id="password" name="password">
<span class="error"><?php echo $password_error;?></span>
</div>
<div class="form-group">
<label>Mobile number</label>
<input type="text" class="form-control" id="mobilenumber" name="mobilenumber">
<span class="error"><?php echo $mobilenumber_error;?></span>
</div>
<div class="form-group">
<input type="submit" class="btn-reg btn-default" value="Register">
</div>
</form>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<script src="https://cdn.jsdelivr.net/jquery.validation/1.16.0/jquery.validate.min.js"></script>
<script src="https://cdn.jsdelivr.net/jquery.validation/1.16.0/additional-methods.min.js"></script>
<script src="validation.js"></script>
</body>
</html>
<?php
ob_start();
session_start();
include('../db/connection.php');
date_default_timezone_set('Asia/Kolkata');
$date_of_added= date('d-m-Y H:i:s');//current date
switch($_GET['key']) {
case 'register':register($conn);break;
default : redirect('index.php');
}
/*register code*/
function register($conn)
{
global $date_of_added;
// $products_image=$newfilename;
$name=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['name'])))));
$email=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['email'])))));
$password=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['password'])))));
$mobilenumber=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['mobilenumber'])))));
/*server side validation*/
$_SESSION['name_error']="";
$_SESSION['email_error']="";
$_SESSION['password_error']="";
$_SESSION['confirmpassword_error']="";
if (empty($name)) {
$_SESSION['name_error']="Name is empty";
header('location:register');
}
elseif(strlen($name) >3) {
$_SESSION['name_error']="Please enter minimum 3 character";
header('location:register');
}
elseif(empty($email)) {
$_SESSION['email_error']="Email field is empty";
header('location:register');
}
elseif(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email)) {
$_SESSION['email_error']="Invalid email format";
header('location:register');
}
elseif(empty($password)) {
$_SESSION['password_error']="Password field is empty";
header('location:register');
}
elseif(empty($mobilenumber))
{
$_SESSION['contact_mobile_error'] = "Enter Mobile NO !";
header('location:register');
}
elseif(!is_numeric($mobilenumber))
{
$_SESSION['contact_mobile_error'] = "Numbers only !";
header('location:register');
}
elseif(strlen($mobilenumber)!=10)
{
$_SESSION['contact_mobile_error'] = "10 characters only !";
header('location:register');
}
else{
$password_hash =password_hash($password,PASSWORD_DEFAULT,['cost' => 12]);
// prepare and bind
$sql="INSERT INTO test (name, email, password, mobileno, date_of_added) VALUES (?, ?, ?, ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sssss", $name, $email, $password_hash, $mobilenumber, $date_of_added);
$stmt->execute();
$stmt->close();
}
header('location:register');
$conn->close();
}
表格{宽度:400px;边距:自动;}
名称
输入电子邮件
密码
手机号码
Process.php
<?php
session_start();
/*server side checking and error display*/
$name_error="";
$email_error="";
$password_error="" ;
$mobilenumber_error="";
$name_error=isset($_SESSION['name_error'])?$_SESSION['name_error']:'';
$email_error=isset($_SESSION['email_error'])?$_SESSION['email_error']:'';
$password_error=isset($_SESSION['password_error'])?$_SESSION['password_error']:'';
$mobilenumber_error=isset($_SESSION['mobilenumber_error'])?$_SESSION['mobilenumber_error']:'';
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<style type="text/css">
form{width: 400px;margin: auto;}
</style>
</head>
<body>
<form action="process.php?key=register" method="post" name="register" autocomplete="off">
<div class="form-group">
<label for="name">Name</label>
<input type="text" class="form-control" id="name" name="name">
<span class="error"><?php echo $name_error;?></span>
</div>
<div class="form-group">
<label for="email">Enter Email</label>
<input type="email" class="form-control" id="email" name="email" >
<span class="error"><?php echo $email_error;?></span>
</div>
<div class="form-group">
<label for="pwd">Password</label>
<input type="password" class="form-control" id="password" name="password">
<span class="error"><?php echo $password_error;?></span>
</div>
<div class="form-group">
<label>Mobile number</label>
<input type="text" class="form-control" id="mobilenumber" name="mobilenumber">
<span class="error"><?php echo $mobilenumber_error;?></span>
</div>
<div class="form-group">
<input type="submit" class="btn-reg btn-default" value="Register">
</div>
</form>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<script src="https://cdn.jsdelivr.net/jquery.validation/1.16.0/jquery.validate.min.js"></script>
<script src="https://cdn.jsdelivr.net/jquery.validation/1.16.0/additional-methods.min.js"></script>
<script src="validation.js"></script>
</body>
</html>
<?php
ob_start();
session_start();
include('../db/connection.php');
date_default_timezone_set('Asia/Kolkata');
$date_of_added= date('d-m-Y H:i:s');//current date
switch($_GET['key']) {
case 'register':register($conn);break;
default : redirect('index.php');
}
/*register code*/
function register($conn)
{
global $date_of_added;
// $products_image=$newfilename;
$name=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['name'])))));
$email=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['email'])))));
$password=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['password'])))));
$mobilenumber=$conn->real_escape_string(strip_tags(htmlspecialchars(stripslashes(trim($_POST['mobilenumber'])))));
/*server side validation*/
$_SESSION['name_error']="";
$_SESSION['email_error']="";
$_SESSION['password_error']="";
$_SESSION['confirmpassword_error']="";
if (empty($name)) {
$_SESSION['name_error']="Name is empty";
header('location:register');
}
elseif(strlen($name) >3) {
$_SESSION['name_error']="Please enter minimum 3 character";
header('location:register');
}
elseif(empty($email)) {
$_SESSION['email_error']="Email field is empty";
header('location:register');
}
elseif(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email)) {
$_SESSION['email_error']="Invalid email format";
header('location:register');
}
elseif(empty($password)) {
$_SESSION['password_error']="Password field is empty";
header('location:register');
}
elseif(empty($mobilenumber))
{
$_SESSION['contact_mobile_error'] = "Enter Mobile NO !";
header('location:register');
}
elseif(!is_numeric($mobilenumber))
{
$_SESSION['contact_mobile_error'] = "Numbers only !";
header('location:register');
}
elseif(strlen($mobilenumber)!=10)
{
$_SESSION['contact_mobile_error'] = "10 characters only !";
header('location:register');
}
else{
$password_hash =password_hash($password,PASSWORD_DEFAULT,['cost' => 12]);
// prepare and bind
$sql="INSERT INTO test (name, email, password, mobileno, date_of_added) VALUES (?, ?, ?, ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sssss", $name, $email, $password_hash, $mobilenumber, $date_of_added);
$stmt->execute();
$stmt->close();
}
header('location:register');
$conn->close();
}
我认为你的问题与jquery的关系不大,而与老式的服务器端php的关系不大
回答您的问题(尽我所能):
1) 将服务器端错误消息从一个页面显示到另一个页面是否正确?或任何其他显示错误消息的最佳方式
我会认为,因为这是一个有效的解决方案,这是一个好的解决方案,但我不会选择这种方式。为什么不将register.php和process.php中的代码放在一个文件中,这样就不必使用会话和重定向了
2) 显示服务器端验证时,字段显示为空。在这个问题上有什么帮助吗
要在代码中实现这一点,您需要为process.php中的输入填充会话变量:
$_SESSION['name']=$name;
然后,您可以在register.php中这样使用它:
<input type="text" class="form-control" id="name" name="name" value="<?=$_SESSION['name']?>">